Systems and methods for detecting locations of webpage elements

ABSTRACT

Methods and systems are presented for automatically detecting positions of various webpage elements within a webpage when the webpage is rendered, based on analyzing the programming code of the webpage. A position detection system obtains and parses the programming code of the webpage to identify webpage elements within the webpage. A group of related webpage elements is identified based on a shared programming structure. The position detection system generates a DOM tree based on the programming code, and determines relative positions of the webpage elements within the group by traversing the DOM tree using a breadth-first search algorithm.

CROSS REFERENCE TO RELATED APPLICATIONS

The present application is a continuation application of U.S. patentapplication Ser. No. 16/559,020, filed Sep. 3, 2019, and is incorporatedin reference in its entirety.

BACKGROUND

The present specification generally relates to automatic detection oflocations of webpage elements within a webpage, and more specifically,to detecting locations of various webpage elements within the webpagebased on analyzing programming code of the webpage according to variousembodiments of the disclosure.

RELATED ART

Many websites include webpage elements associated with other websites(e.g., links to third-party websites) that offer auxiliary contentand/or services to end users. For example, a merchant website maypresent, in a merchandise checkout webpage, links to third-party digitalpayment service providers, such as PAYPAL®, APPLE PAY®, and otherpayment service providers for facilitating electronic paymenttransactions for purchases arising from the merchant website. Thepositions of the links that appear on the merchant webpage when themerchant webpage is rendered on a device of an end user may affect oneor more of: a probability of the end user selecting one of the links(e.g., selecting one of the payment service providers, etc.), a riskassociated with the transaction, and other factors, that may beconsequential for the third-party payment service providers.

Furthermore, a third-party digital payment service provider may have anexisting agreement with the merchant, specifying that a link associatedwith the third-party digital payment service provider should bepresented at a specific position within the checkout webpage (e.g., toappear at a first position among all payment options presented in thecheckout webpage, etc.). However, the layout (or formatting) rules forthe webpage (e.g., a layout structure and/or CSS code associated withthe webpage) may cause the link to be rendered at a different position(either intentionally or inadvertently done by the merchant). It isoften difficult to detect the positions of the webpage elements invarious webpages, except by rendering the webpages on a device andmanually checking the rendered webpages. Thus, there is a need forautomatically detecting positions of webpage elements within a webpagebased on analyzing programming code of the webpage.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is a block diagram illustrating an electronic transaction systemaccording to an embodiment of the present disclosure;

FIG. 2 is a block diagram illustrating a position detection moduleaccording to an embodiment of the present disclosure;

FIG. 3 is a flowchart showing a process of automatically detectingpositions of webpage elements within a webpage according to anembodiment of the present disclosure;

FIG. 4 illustrates an exemplary webpage having groups of related webpageelements according to an embodiment of the present disclosure;

FIG. 5 illustrates exemplary programming code associated with a webpageaccording to an embodiment of the present disclosure; and

FIG. 6 is a block diagram of a system for implementing a deviceaccording to an embodiment of the present disclosure.

Embodiments of the present disclosure and their advantages are bestunderstood by referring to the detailed description that follows. Itshould be appreciated that like reference numerals are used to identifylike elements illustrated in one or more of the figures, whereinshowings therein are for purposes of illustrating embodiments of thepresent disclosure and not for purposes of limiting the same.

DETAILED DESCRIPTION

The present disclosure describes methods and systems for automaticallydetecting positions of various webpage elements within a webpage whenthe webpage is rendered, based on analyzing the programming code of thewebpage. In some embodiments, a position detection system may determinean order (or relative positions) in which webpage elements within agroup of related webpage elements appear within the webpage when thewebpage is rendered, based on analyzing the programming code of thewebpage. The position detection system may first access a webpage thatincludes various webpage elements. The webpage may be a transactioncheckout webpage associated with a merchant website, and may includewebpage elements (e.g., links) associated with digital payment serviceproviders. The position detection system may provide a web crawler,e.g., a software program that access data over the Internet, to accessone or more transaction checkout webpages (associated with one or moremerchants) by providing network addresses (e.g., uniform resourcelocator (URL) addresses, etc.) associated with the one or moretransaction checkout webpages to a network (e.g., via a web browserapplication). Alternatively, the position detection system may accessthe transaction checkout webpage by initiating a transaction checkoutprocess at a merchant website. For example, the web crawler may emulatean end-user initiating a transaction with a merchant website. The webcrawler may first access the merchant website (e.g., a homepage or aportal of the merchant website), arbitrarily select one or moreofferings from the merchant website for purchase (e.g., by adding theone or more offerings to an electronic shopping cart of the merchantwebsite), and then initiate the checkout process via the merchantwebsite (e.g., selecting a checkout option on the merchant website) toaccess a transaction checkout page of the merchant website.

The position detection system may then obtain programming codeassociated with the webpage (e.g., by downloading the source code of thetransaction checkout webpage). The position detection system may analyzethe programming code associated with the webpage to identify a group ofrelated webpage elements within the webpage. In the example where thewebpage is the transaction checkout webpage of a merchant website, thegroup of related webpage elements may be associated with payment optionsthat an end user of the merchant website may select for performing apayment of a transaction with the merchant website.

In some embodiments, the position detection system may identify webpageelements that are part of (or related to) one or more groups within thewebpage based on the programming code. For example, the positiondetection system may parse the programming code of the webpage andextract webpage elements within the webpage that may be part of one ormore groups based on a grouping tag, such as a container tag, a listtag, etc., included in the webpage elements. In one embodiment, theposition detection system may determine that a webpage element is partof a group when the webpage element includes a grouping tag. Examples ofgrouping tags (for webpages that are developed using Hypertext MarkupLanguage (HTML)) may include a <DIV> tag, a <LI> tag, a <DT> tag, and a<LABEL> tag.

Since webpage elements that are part of the same group may share acommon programming code structure, after identifying all webpageelements that are part of one or more groups within the webpage, theposition detection system may determine related webpage elements (e.g.,which webpage elements are part of the same group) by analyzing theprogramming code structures of the webpage elements. In someembodiments, the position detection system may remove (e.g., strip away)user-provided content (e.g., text, image links, multi-media links, etc.)and variable attribute values (e.g., “input id” values, “input value”values, “label for” values, etc.) that are not part of the programmingstructures within the webpage elements. The user-provided content andvariable attribute values may differ among different webpage elements,even if they are part of the same group. After removing theuser-provided content and variable attribute values from the webpageelements, the remaining programming code (e.g., stripped programmingcode) may reveal the programming structures of the webpage elements. Assuch, the position detection system may compare the stripped programmingcode of the webpage elements to determine which webpage elements share acommon programming structure, and thus are related to each other (e.g.,part of a group). For example, the position detection system maydetermine that certain webpage elements within the webpage are relatedto each other when the webpage elements have an identical or a similarprogramming structure (e.g., shared portions of the stripped programmingcode above a predetermined threshold (e.g., 90%, 95%, etc.)).

In some embodiments, after dividing the webpage elements into one ormore groups, the position detection system may further eliminate groupsthat include only one webpage element (e.g., webpage elements that donot share programming structures with any other webpage elements withinthe webpage). From the remaining groups of webpage elements, theposition detection system may determine at least one group that isrelated to a target subject matter (e.g., payment options). For example,the position detection system may parse the programming code (e.g., theoriginal, unstripped version) of the remaining groups of webpageelements to search for one or more keywords related to the targetsubject matter (e.g., “payment,” “pay,” “pay_method,” etc.). When one ormore keywords related to the target group appear in the programming codeof the webpage elements in a group, the position detection system maydetermine that the group of webpage elements is related to the targetsubject matter. In other embodiments, keywords may be weighted, suchthat certain keywords that have a higher likelihood of being related tothe target subject matter are weighted more than keywords having a lowerlikelihood. A determination whether the corresponding group of webpageelements is related to the target subject matter may then be based onthe keywords meeting a threshold.

In some embodiments, the position detection system may determine whethera group of webpage elements is associated with the target subject matterby submitting one or more characteristics of the programming structureassociated with the group of webpage elements to a machine learningmodel, that has been trained to determine whether a programmingstructure is associated with the target subject matter. Thecharacteristics may include at least one of: the types of tags used inthe programming structure, an order of the tags, a number of the sametype of tags used in the programming structure, how many nested levelswithin the programming structure, how tags are nested within tags forthe programming structure, etc.

Once the group of webpage elements related to the target subject matteris determined, a particular webpage element of interest to the positiondetection system may be detected within the group. For example, theparticular webpage element may be a link associated with a particularservice provider. Furthermore, the position detection system maydetermine relative positions of appearances of the webpage elementswithin the group (e.g., an order, such as from left to right or from topto bottom, etc.) when the webpage is rendered (e.g., presented on a webbrowser), and/or a relative position of an appearance of the particularwebpage element among the webpage elements within the group when thewebpage is rendered. In some embodiments, the position detection systemmay parse the group of webpage elements and search for one or morekeywords associated with the particular webpage element. For example, ifthe particular webpage element of interest to the position detectionsystem is a payment option link associated with PAYPAL®, the positiondetection system may search for the word “paypal” within the webpageelements in the group. The position detection system may then determinethat the particular webpage element is of interest to the positiondetection system when the programming code associated with theparticular webpage element includes the word “paypal.”

In some embodiments, the position detection system may generate (e.g.,build) a document object model (DOM) tree based on the programming codeof the webpage. The DOM tree may include nodes, where a node (or a groupof nodes) in the DOM tree corresponds to a webpage element within thewebpage (e.g., the tags associated with the webpage element). Forexample, the root node (or the root group of nodes) in the DOM tree maycorrespond to a root webpage element (e.g., a title) within the webpage.The DOM tree may have multiple levels of nodes, where each levelcorresponds to a tag level within the programming code. Thus, when thewebpage has a nested structure (e.g., one or more nested tags), theposition detection system may generate the DOM tree to have multiplelevels, where each nested structure is represented by a level within theDOM tree. As such, the DOM tree may represent how the webpage elements(e.g., text, images, multi-media content, user interface elements suchas a link, a button, a check-box, a text box, a radio button, etc.) arepresented when the webpage is rendered by a software application (e.g.,a web browser).

In some embodiments, the position detection system may determine anorder in which the group of related webpage elements is presented whenthe webpage is rendered by traversing the DOM tree. For example, theposition detection system may traverse the DOM tree in a breadth-firstsearch manner, and the order in which the nodes are traversed may beused to determine the order in which the corresponding webpage elementsare presented on the webpage when the webpage is rendered. Thus, bydetermining an order in which the nodes (including the nodescorresponding to the group of webpage elements) are reached based ontraversing the DOM tree using a breath-first search algorithm, theposition detection system may determine an order in which the relatedwebpage elements in the group are presented on the webpage when thewebpage is rendered, and the relative position of the particular webpageelement among the group of webpage elements within the order.

In some embodiments, the position detection system may apply theformatting rules (e.g., CSS code) associated with the webpage to thewebpage elements before building and/or traversing the DOM tree. Uponapplying the formatting rules to the webpage elements, the positiondetection system may also determine whether each of the webpage elementsis within a viewport of the webpage (e.g., is visible on the webpagewhen the webpage is rendered). Thus, not only can the position detectionsystem determine an order of the webpage elements presented on thewebpage, the position detection system may also determine whether theparticular webpage element (or the entire group of webpage elements) isvisible to end-users (e.g., within the viewport of the webpage) when thewebpage is rendered.

Upon determining that the particular webpage element is visible toend-users and determining the relative position of the particularwebpage element among the group of webpage elements, the positiondetection system may compare the determined position of the particularwebpage to a predetermined position. The predetermined position may be aposition agreed upon between the merchant and the service provider forpresenting the particular webpage element on the merchant website, or adesirable position by the service provider associated with the positiondetection system. If the position detection system determines that theposition of the particular webpage element on the webpage determinedbased on analyzing the programming code of the webpage is different(e.g., higher or lower) than the predetermined position, the positiondetection system may transmit an alert to a device associated with theservice provider. In some embodiments, as discussed above, the webcrawler may be configured to crawl through a network (e.g., theInternet) to obtain various webpages associated with different entities(e.g., transaction checkout webpages associated with different merchantwebsites) that include the particular webpage element. The positiondetection system may then analyze the programming code of the webpagesto determine, for each merchant website, a relative position of theparticular webpage element (e.g., a particular payment option) among thegroup of webpage elements (e.g., a group of payment options). Theposition detection system may generate a report indicating the merchantwebsites that present the particular webpage element at thepredetermined position and the merchant websites that present theparticular webpage element at a different position. Furthermore, theposition detection system may also determine correlations between therelative position of the webpage element and a metric that may be anumber (or frequency), a ratio, or other metrics of transactions forwhich the end-users select the particular payment option for thetransactions. In some embodiments, the position detection system mayfeed the data into a machine learning model to determine an optimalposition (e.g., the position of the webpage element that would producethe maximum number of selection of the particular payment option).

In some embodiments, the position detection system is part of a riskassessment system for a service provider. In some embodiments, theparticular webpage element may be associated with initiating anelectronic transaction request with the service provider (e.g.,initiating an electronic payment request, etc.). Thus, when an end userselects the particular webpage element (e.g., a button, a link, etc.)that appears on the webpage (e.g., a transaction checkout webpage), theweb browser directs the end user to a website associated with theservice provider. The risk assessment system of the service provider maythen use the position detection system to determine a relative positionof the particular webpage element among the group of related webpageelements that appear on the transaction checkout webpage when thetransaction checkout webpage is rendered and may use the determinedrelative position to determine a risk associated with the transactionrequest. The risk assessment system may authorize or deny thetransaction request based on the risk.

FIG. 1 illustrates an electronic transaction system 100, within whichthe position detection system may be implemented according to oneembodiment of the disclosure. The electronic transaction system 100includes a service provider server 130, merchant servers 120, 170, and180, and a user device 110 that may be communicatively coupled with eachother via a network 160. The network 160, in one embodiment, may beimplemented as a single network or a combination of multiple networks.For example, in various embodiments, the network 160 may include theInternet and/or one or more intranets, landline networks, wirelessnetworks, and/or other appropriate types of communication networks. Inanother example, the network 160 may comprise a wirelesstelecommunications network (e.g., cellular phone network) adapted tocommunicate with other communication networks, such as the Internet.

The user device 110, in one embodiment, may be utilized by a user 140 tointeract with the merchant server 120 and/or the service provider server130 over the network 160. For example, the user 140 may use the userdevice 110 to conduct an online purchase transaction with any one of themerchant servers 120, 170, and 180 via websites hosted by, or mobileapplications associated with, the merchant servers 120, 170, and 180,respectively. The user 140 may also log in to a user account to accessaccount services or conduct electronic transactions (e.g., accounttransfers or payments) with the service provider server 130. The userdevice 110, in various embodiments, may be implemented using anyappropriate combination of hardware and/or software configured for wiredand/or wireless communication over the network 160. In variousimplementations, the user device 110 may include at least one of awireless cellular phone, wearable computing device, PC, laptop, etc.

The user device 110, in one embodiment, includes a user interfaceapplication 112 (e.g., a web browser, a mobile payment application,etc.), which may be utilized by the user 140 to conduct electronictransactions (e.g., online payment transactions, etc.) with the merchantservers 120, 170, and 180, and/or the service provider server 130 overthe network 160. In one aspect, purchase expenses may be directly and/orautomatically debited from an account related to the user 140 via theuser interface application 112.

In one implementation, the user interface application 112 includes asoftware program (e.g., a mobile application) that provides a graphicaluser interface (GUI) for the user 140 to interface and communicate withthe service provider server 130 and/or the merchant servers 120, 170,and 180 via the network 160. In another implementation, the userinterface application 112 includes a browser module that provides anetwork interface to browse information available over the network 160.For example, the user interface application 112 may be implemented, inpart, as a web browser to view information available over the network160.

The user device 110, in various embodiments, may include otherapplications 116 as may be desired in one or more embodiments of thepresent disclosure to provide additional features available to the user140. In one example, such other applications 116 may include securityapplications for implementing client-side security features,programmatic client applications for interfacing with appropriateapplication programming interfaces (APIs) over the network 160, and/orvarious other types of generally known programs and/or softwareapplications. In still other examples, the other applications 116 mayinterface with the user interface application 112 for improvedefficiency and convenience.

The user device 110, in one embodiment, may include at least oneidentifier 114, which may be implemented, for example, as operatingsystem registry entries, cookies associated with the user interfaceapplication 112, identifiers associated with hardware of the user device110 (e.g., a media control access (MAC) address), or various otherappropriate identifiers. In various implementations, the identifier 114may be passed with a user login request to the service provider server130 via the network 160, and the identifier 114 may be used by theservice provider server 130 to associate the user with a particular useraccount (e.g., and a particular profile) maintained by the serviceprovider server 130.

In various implementations, the user 140 is able to input data andinformation into an input component (e.g., a keyboard) of the userdevice 110. For example, when the a transaction checkout webpageassociated with any one of the merchant servers 120, 170, or 180 (thatincludes a group of website elements, such as links to different serviceprovider servers including the service provider server 130) is presentedon the UI application 112 of the user device 110, the user 140 may usethe input component to provide a selection of any one of the websiteelements presented on the transaction checkout webpage. Furthermore, theuser 140 may also use the input component to provide user informationwith a transaction request, such as a login request, a fund transferrequest, a request for adding an additional funding source (e.g., a newcredit card), or other types of request. The user information mayinclude user identification information.

Even though only one user device 110 is shown in FIG. 1, it has beencontemplated that one or more user devices (each similar to user device110) may be communicatively coupled with the service provider server 130via the network 160 within the system 100.

The merchant server 120, in various embodiments, may be maintained by abusiness entity (or in some cases, by a partner of a business entitythat processes transactions on behalf of business entity). Examples ofbusiness entities include merchant sites, resource information sites,utility sites, real estate management sites, social networking sites,etc., which offer various items for purchase and process payments forthe purchases. The merchant server 120 may include a merchant database124 for identifying available items, which may be made available to theuser device 110 for viewing and purchase by the user.

The merchant server 120, in one embodiment, may include a marketplaceapplication 122, which may be configured to provide information over thenetwork 160 to the user interface application 112 of the user device110. For example, the user 140 of the user device 110 may interact withthe marketplace application 122 through the user interface application112 over the network 160 to search and view various items available forpurchase in the merchant database 124. The merchant server 120, in oneembodiment, may include at least one merchant identifier 126, which maybe included as part of the one or more items made available for purchaseso that, e.g., particular items are associated with the particularmerchants. In one implementation, the merchant identifier 126 mayinclude one or more attributes and/or parameters related to themerchant, such as business and banking information. The merchantidentifier 126 may include attributes related to the merchant server120, such as identification information (e.g., a serial number, alocation address, GPS coordinates, a network identification number,etc.).

A merchant may also use the merchant server 120 to communicate with theservice provider server 130 over the network 160. For example, themerchant may use the merchant server 120 to communicate with the serviceprovider server 130 in the course of various services offered by theservice provider to a merchant, such as payment intermediary betweencustomers of the merchant and the merchant itself. For example, themerchant server 120 may use an application programming interface (API)that allows it to offer sale of goods or services in which customers areallowed to make payment through the service provider server 130, whilethe user 140 may have an account with the service provider server 130that allows the user 140 to use the service provider server 130 formaking payments to merchants that allow use of authentication,authorization, and payment services of the service provider as a paymentintermediary. In one example, the marketplace application 122 mayinclude an interface server (e.g., a web server, a mobile applicationserver, etc.) that provides an interface (e.g., a webpage) for the user140 to interact with the merchant server 120. The merchant websitehosted by the merchant server 120 may include a transaction checkoutwebpage, which may include webpage elements (e.g., links, etc.) forinitiating payment services with the service provider server 130 andpossibly other service providers. The user 140 who initiates atransaction with the merchant server 120 may be presented with such atransaction checkout webpage, through which the user 140 may select apayment method with any one of the payment service providers (e.g., viaselecting one of the webpage elements on the webpage). The merchant mayalso have an account with the service provider server 130. Each of themerchant servers 170 and 180 may include similar components as themerchant server 120 and may provide similar services to the user 140 asthe merchant server 120.

The service provider server 130, in one embodiment, may be maintained bya transaction processing entity or an online service provider, which mayprovide processing for electronic transactions between the user 140 ofuser device 110 and one or more merchants. As such, the service providerserver 130 may include a service application 138, which may be adaptedto interact with the user device 110 and/or the merchant server 120 overthe network 160 to facilitate the searching, selection, purchase,payment of items, and/or other services offered by the service providerserver 130. In one example, the service provider server 130 may beprovided by PayPal®, Inc., of San Jose, Calif., USA, and/or one or moreservice entities or a respective intermediary that may provide multiplepoint of sale devices at various locations to facilitate transactionroutings between merchants and, for example, service entities.

In some embodiments, the service application 138 may include a paymentprocessing application (not shown) for processing purchases and/orpayments for electronic transactions between a user and a merchant orbetween any two entities. In one implementation, the payment processingapplication assists with resolving electronic transactions throughvalidation, delivery, and settlement. As such, the payment processingapplication settles indebtedness between a user and a merchant, whereinaccounts may be directly and/or automatically debited and/or credited ofmonetary funds in a manner as accepted by the banking industry.

The service provider server 130 may also include an interface server 134that is configured to serve content (e.g., web content) to users andinteract with users. For example, the interface server 134 may include aweb server configured to serve web content in response to HTTP requests.In another example, the interface server 134 may include an applicationserver configured to interact with a corresponding application (e.g., aservice provider mobile application) installed on the user device 110via one or more protocols (e.g., RESTAPI, SOAP, etc.). As such, theinterface server 134 may include pre-generated electronic content readyto be served to users. For example, the data server 134 may store alog-in page and is configured to serve the log-in page to users forlogging into user accounts of the users to access various serviceprovided by the service provider server 130. The data server 134 mayalso include other electronic pages associated with the differentservices (e.g., electronic transaction services, etc.) offered by theservice provider server 130. As a result, a user may access a useraccount associated with the user and access various services offered bythe service provider server 130, by generating HTTP requests directed atthe service provider server 130.

In various embodiments, the service provider server 130 includes aposition detection module 132 that implements the position detectionsystem as discussed herein. The position detection module 132 isconfigured to determine a relative position of an appearance of aparticular webpage element within a webpage (e.g., hosted by anyone ofthe merchant servers 120, 170, and 180) when the webpage is rendered.For example, the position detection module 132 may obtain a webpage fromthe merchant servers 120, 170, or 180, and may analyze the programmingcode of the webpage. Based on the analyzing of the programming code, theposition detection module 132 may determine a relative position of anappearance of a particular webpage element (e.g., a link associated withthe service provider server 130) among related webpage elements (e.g.,links associated with other similar service provider servers) when thewebpage is rendered. The position detection module 132 may transmitalerts to the service provider server 130 based on the determinedposition (e.g., when the determined position is different from apredetermined position for the particular webpage element). The positiondetection module 132 may also determine correlations between positionsof an appearance of the particular webpage element and certainweb-related metrics, such as a hit ratio of the particular webpageelement, a usage ratio of the service provider server 130, etc.Furthermore, when the particular webpage element is associated withinitiating a transaction request with the service provider server 130,the position detection module 132 may also use the determined positionto assess a risk of the transaction request, and to facilitate adecision by the service provider 130 to authorize or deny thetransaction request.

The service provider server 130, in one embodiment, may be configured tomaintain one or more user accounts and merchant accounts in an accountdatabase 136, each of which may be associated with a profile and mayinclude account information associated with one or more individual users(e.g., the user 140 associated with user device 110) and merchants. Forexample, account information may include private financial informationof users and merchants, such as one or more account numbers, passwords,credit card information, banking information, digital wallets used, orother types of financial information, transaction history, InternetProtocol (IP) addresses, device information associated with the useraccount, which may be used by the profile matching module 132 to matchprofiles to the entity. In certain embodiments, account information alsoincludes user purchase profile information such as account fundingoptions and payment options associated with the user, paymentinformation, receipts, and other information collected in response tocompleted funding and/or payment transactions.

User profile information may be compiled or determined in any suitableway. In some instances, some information is solicited when a user firstregisters with a service provider. The information might includedemographic information, a survey of purchase interests, and/or a surveyof past purchases. In other instances, information may be obtained fromother databases. In certain instances, information about the user andproducts purchased are collected as the user shops and purchases variousitems, which can also be used to determine whether a request is valid orfraudulent.

In one implementation, a user may have identity attributes stored withthe service provider server 130, and the user may have credentials toauthenticate or verify identity with the service provider server 130.User attributes may include personal information, banking informationand/or funding sources. In various aspects, the user attributes may bepassed to the service provider server 130 as part of a login, search,selection, purchase, and/or payment request, and the user attributes maybe utilized by the service provider server 130 to associate the userwith one or more particular user accounts maintained by the serviceprovider server 130 and used to determine the authenticity of a requestfrom a user device.

FIG. 2 illustrates a block diagram of the position detection module 132according to an embodiment of the disclosure. The position detectionmodule 132 includes a position detection manager 202, a web crawler 204,a code analysis module 206, and a model generation module 208. Theposition detection manager 202 may use the web crawler 204 to accesswebpages that include a particular webpage element (e.g., a link to theservice provider server 130 for submitting a request for performingelectronic transactions). For example, if the particular webpage elementis a payment option link associated with the service provider server130, the web crawler 204 may access various merchant websites via thenetwork 160 (such as merchant websites associated with the merchantservers 120, 170, and 180), and may emulate an end user (e.g., a humanuser) initiating a transaction with the merchant website by selectingone or more offerings from the merchant website for purchase andinitiating a checkout process with the merchant website. Once the webcrawler 204 accesses the webpage that includes the particular webpageelement (e.g., a transaction checkout webpage of a merchant website thatincludes a link to the service provider server 130), the web crawler 204may obtain (e.g., downloads) source programming code of the webpage.

The position detection manager 202 may then use the code analysis module206 to analyze the programming code of the webpage using techniquesdisclosed herein. In some embodiments, to assist the code analysismodule 206 in analyzing the programming code of the webpage, the modelgeneration module 208 may generate a DOM tree of the webpage based onthe programming code. The code analysis module 206 may traverse the DOMtree to determine an order in which related webpage elements (webpageelements, including the particular webpage elements, that are associatedwith a target subject matter such as payment options) are presented onthe webpage when the webpage is rendered and/or a relative position ofthe particular webpage elements among the related webpage elements.

FIG. 3 illustrates a process 300 for determining a relative position ofan appearance of a particular webpage element among related webpageelements within a webpage when the webpage is rendered according tovarious embodiments of the disclosure. In some embodiments, the process300 may be performed by the position detection module 132 of the serviceprovider server 130. The process 300 begins by obtaining (at step 305) awebpage that includes the particular webpage element. The particularwebpage element may be of interest to the service provider server 130.For example, the particular webpage element may be a link to the serviceprovider server 130, such as a link for submitting a transaction requestto the service provider server 130. In one example, the link may includea web address (e.g., a URL address, an IP address, etc.) that points tothe interface server 134 of the service provider server 130. In someembodiments, the link is provided to the merchant websites (associatedwith the merchant servers 120, 170, and 180) to enable end users of themerchant websites to initiate a transaction request (e.g., a request toperform an electronic payment transaction) with the merchant websites.The service provider associated with the service provider server 130 maywish to determine (or verify) locations of the particular webpageelement within various third-party webpages (e.g., transaction checkoutwebpages of the merchant websites), and/or the relative positions of theparticular webpage element among related webpage elements (e.g., linksassociated with other similar service provider servers such as otherpayment options) that appear at the various third-party webpages.

In some embodiments, the position detection module 132 may use the webcrawler 204 to access the various third-party webpages. In one example,the web crawler 204 may obtain network addresses (e.g., uniform resourcelocators (URLs), Internet Protocol (IP) addresses, etc.) associated withthe third-party webpages, and access the third-party webpages bysubmitting a request for content based on the network addresses (e.g.,via an application such as a web browser). However, some of thesethird-party webpages, such as transaction checkout webpages of merchantwebsites, may not be accessible via network addresses, as they may bedynamically generated based on input from one or more webpages ofmerchants associated with a transaction checkout flow. As such, inanother example, the web crawler 204 may first access a website of amerchant (e.g., a homepage or a main portal of the merchant, such ashttp://www.amazon.com). Once the merchant website is accessed, the webcrawler 204 may emulate an end user (e.g., a human user) initiating atransaction checkout flow of the merchant by selecting (e.g., randomlyselecting) one or more merchandises from the merchant website and addingthe one or more merchandises to an electronic cart of the merchantwebsite. In some embodiments, the web crawler 204 may parse theprogramming code of the merchant website to identify the one or moreofferings and to make one or more requests to the merchant website toadd the one or more offerings to the electronic cart (e.g., by sendingweb requests to the merchant servers 120, 170, or 180). By initiatingthe transaction checkout workflow based on the one or more offerings,the merchant servers may provide the web crawler 204 access to thewebpages that include the particular webpage element.

FIG. 4 illustrates an example webpage 400 that includes the particularwebpage element. In this example, the webpage 400 is a transactioncheckout webpage associated with a merchant called ‘XYZ,’ as indicatedby the network address 402 associated with the webpage 400. As shown,the webpage 400 includes a merchant logo 412 associated with themerchant, a transaction summary section 414, and a payment optionsection 416. The transaction summary section 414 in this exampleincludes webpage elements 422 and 424, which show that the transactionis for a purchase of a pair of shoes that costs $26 and a pair of socksthat costs $4, which brings the total of the transaction to be $30. Inthe payment option section 416, multiple webpage elements 404-410 arepresented. Each of the webpage elements 404-410 may be a link toinitiate a payment transaction service with a payment service provider.In this example, the webpage element 406 (the particular webpageelement) may be a link to initiate a payment transaction service withthe service provider server 130, while the webpage elements 404, 408,and 410 may be links to initiate a payment transaction service withother service provider servers (e.g., different from the serviceprovider server 130).

Once a webpage is accessed, the process 300 determines (at step 310) aplurality of webpage elements that are part of one or more groups withinthe webpage. In some embodiments, the web crawler 204 may obtain (e.g.,download) the programming code associated with the webpage (e.g., thewebpage 400). The position detection manager 202 may use the codeanalysis module 206 to analyze the programming code to determinedifferent webpage elements within the webpage 400. As defined herein, awebpage element is a standalone presentable component within a webpage,that may include a text component, an image component, a multi-media(e.g., a video clip, an audio clip) component, an interactive componentsuch as a link (e.g., a hyperlink), a form, a selection button (e.g., aradio button, a checkbox, etc.), and any combinations thereof. If thewebpage 400 is developed using Hypertext Markup Language (HTML), awebpage element may be encapsulated within tags (e.g., a tag and acorresponding end tag).

In some embodiments, the code analysis module 206 may parse theprogramming code of the webpage 400 and identify webpage elements withinthe webpage 400 that may be part of one or more groups based on aprogramming structure of the webpage elements and programming tagsincluded in the webpage elements. Using the example webpage 400 shown inFIG. 4, the code analysis module 206 may identify, from parsing theprogramming code of the webpage 400, different webpage elements withinthe webpage 400. In some embodiments, the code analysis module 206 mayidentify webpage elements based on content that is either associatedwith displayable text and/or based on content that is associated with(e.g., appears immediate after) tags in the code. For example, the codeanalysis module 206 may identify a webpage element corresponding to themerchant logo 412 (which is an image, and is associated with an imagetag such as ‘<img>’ within the code), the webpage element 422corresponding to the purchase of the pair of shoes 422 (e.g., includingan image of the pair of shoes and a price of the shoes, the webpageelement 422 is wrapped between a pair of tags such as ‘<dl>’ and‘</dl>’), the webpage element 424 corresponding to the purchase of thepair of socks 424 (e.g., including an image of the pair of socks and aprice of the socks, the webpage element 424 is wrapped between a pair oftags such as ‘<dl>’ and ‘</dl>’), and the webpage elements 404-410corresponding to links associated with different payment serviceproviders (e.g., each of the webpage elements 404-410 is wrapped betweena pair of tags such as ‘<dl>’ and ‘</dl>’). However, not all of thewebpage elements identified in the webpage 400 are part of a group. Inthis example, the webpage element corresponding to the merchant logo 412is a standalone webpage element that is not related to any other webpageelements within the webpage 400 (e.g., not part of any group of webpageelements as it is not associated with any one of the group tags, as willbe explained in detail below). On the other hand, the webpage elements422 and 424 corresponding to the merchandises (e.g., the shoes and thesocks) are related to each other (and part of a group) as all of themrepresent merchandises that are involved in the transaction. Similarly,the webpage elements 404-410 are related to each other (and part of agroup) as they represent different payment options for the end user ofthe merchant website.

In some embodiments, the code analysis module 206 may identify webpageelements that may be part of one or more groups based on a grouping tagincluded within the portions of programming code corresponding to thewebpage elements. A grouping tag (e.g., a container tag, a list tag,etc.) included within the portion of programming code corresponding to awebpage element may indicate that the webpage element is part of one ormore groups. Thus, the code analysis module 206 may determine that awebpage element is part of a group when the webpage element includes agrouping tag (e.g., encapsulated by the grouping tag and a correspondingend tag). Examples of grouping tags, for webpages that are developedusing Hypertext Markup Language (HTML), may include a <DIV> tag, a <LI>tag, a <DT> tag, and a <LABEL> tag.

FIG. 5 illustrates a section of programming code 500 associated with thewebpage 400. Specifically, the section of programming code 500 includesa portion of programming code 502 corresponds to the webpage element 406and a portion of programming code 504 corresponds to the webpage element408. As shown, each of the portions of programming code 502 and 504includes a grouping tag (e.g., a <DIV> tag) and/or encapsulated within agrouping tag (e.g., a <DIV> tag) and a corresponding end tag (e.g., a</DIV> tag). Thus, by identifying webpage elements that include agrouping tag in the corresponding portions of programming code, the codeanalysis module 206 may identify webpage elements 422, 424, 404, 406,408, and 410 that may be part of one or more groups.

Referring back to FIG. 3, the process 300 then identifies (at step 315),from the plurality of webpage elements, a group of webpage elementsrelated to a target subject matter. For example, the code analysismodule 206 may divide the webpage elements into one or more groups ofrelated webpage elements, where the webpage elements in each group ofwebpage elements are related to each other and associated with a subjectmatter (e.g., payment options, merchandises involved in a transaction,etc.). Since webpage elements that are part of the same group may sharea common programming code structure, after identifying all webpageelements within the webpage 400 that may be part of one or more groups,the code analysis module 206 may determine related webpage elements byanalyzing the programming code structures of the portions of programmingcode corresponding to the webpage elements.

In some embodiments, the code analysis module 206 may first extract theportions of programming code corresponding to the webpage elements thatare part of one or more groups (e.g., the webpage elements 422, 424,404, 406, 408, and 410). The code analysis module 206 may then remove(e.g., strip away) parts of the portions of the programming code thatare not part of a programming structure (not standard tag language, notrecognizable by a software interpreter/compiler of a programminglanguage), such as user-provided content data (e.g., text, image filelinks, etc.) and variable attribute values (e.g., “input id” values,“input value” values, “label for” values, etc.) within tags. In theexample illustrated in FIG. 5, the parts of the programing code that arenot part of a programming structure may include the text data (e.g.,“PayPal” for the portion of programming code 502 and “Apple Pay” for theportion of programming code 504, the “input id” values within the<INPUT> tags (e.g., “is-PAYPAL” for the portion of programming code 502and “is-DW_APPLE_PAY” for the portion of programming code 504), the“input value” values within the <INPUT> tags (e.g., “PAYPAL” for theportion of programming code 502 and “DW_APPLE_PAY” for the portion ofprogramming code 504), and the “label for” values within the <LABEL>tags (e.g., “is-PAYPAL” for the portion of programming code 502 and“is-DW_APPLE_PAY” for the portion of programming code 504). These arethe values that may be arbitrarily inserted into the programming code bythe developer(s) of the webpage 400 and are not related to theprogramming structure of the programming code.

After removing the user-provided content and the variable attributevalues from the webpage elements, the remaining programming code (e.g.,stripped programming code) may reveal programming structures of thewebpage elements. For example, the stripped programming code may includeHTML, tags (e.g., <DIV>, <LABEL>, etc.), code that specify one or moretypes of the webpage elements (e.g., “DIV CLASS=‘FIELD_WRAPPER’,” “INPUTTYPE=‘RADIO’,” “INPUT CLASS=‘INPUT_RAIO’,” etc.), and a structure of thetags (e.g., how different tags are nested). The code analysis module 206may compare the stripped programming code of the webpage elements todetermine which webpage elements are related (e.g., part of a group).For example, the code analysis module 206 may determine that webpageelements are related to each other when the webpage elements have anidentical or a similar programming structure (e.g., shared portions ofthe stripped programming code above a threshold (e.g., 90%, 95%, etc.)).After removing the user-provided content and the variable attributevalues from the portions of programming code 502 and 504, the codeanalysis module 206 may determine that the stripped portions ofprogramming code 502 and 504 are identical. For example, as shown inFIG. 5, each of the stripped portions of the programming code 502 and504 would include a first structure wrapped between a pair of <DIV>tags, a second <DIV> structure wrapped between another pair of <DIV>tags that is nested within the first structure, and a third structurecorresponding to an input radio button (e.g., associated with an <INPUT>tag) and a fourth structure wrapped between a pair of <LABEL> tags, bothof which nested within the second structure. Thus, the code analysismodule 206 may determine that the webpage elements 406 and 408(corresponding to the portions of programming code 502 and 504,respectively) belong to the same code because they share the sameprogramming structure.

The code analysis module 206 may use the same techniques to compare theprogramming structures of all of the webpage elements within the webpage400. Based on the comparing of stripped portions of programming code,the code analysis module 206 may determine that the webpage elements 422and 424 belong to a first group based on determining that the portionsof programming code corresponding to the webpage elements 422 and 424share a first programming structure, and that the webpage elements404-410 belong to a second group based on determining that the portionsof programming code corresponding to the webpage elements 404-410 sharea second programming structure.

In some embodiments, after dividing the webpage elements of the webpage400 into one or more groups based on the programming structure, the codeanalysis module 206 may further eliminate groups that include only onewebpage element (e.g., webpage elements that do not share programmingstructures with any other webpage elements within the webpage). In theexample illustrated in FIG. 4, both groups of webpage elements includetwo or more webpage elements. However, consider an example where onlyone merchandise (e.g., the pair of shoes associated with the webpageelement 422) is involved in the transaction. The webpage element 422 maystill include a grouping tag since the programming code is automaticallygenerated, with the assumption that there may be more than onemerchandise or offering to be listed on the webpage 400. Thus, eventhough after identifying the webpage element 422 as part of a group(e.g., based on determining that the webpage element 422 includes agrouping tag such as <DIV>), the code analysis module 206 may determinethat the webpage element is an orphan webpage element that is notrelated to any other webpage element based on comparing the programmingstructure of the webpage element 422 to the programming structures ofother webpage elements in the webpage 400 (e.g., determining that thewebpage element 422 does not share a programming structure with anyother webpage elements in the webpage 400). Thus, the code analysismodule 206 may eliminate the group of webpage elements that includes thewebpage element 422.

From the remaining groups of webpage elements, the code analysis module206 may determine at least one group that is related to a target subjectmatter (e.g., payment options). For example, the position detectionsystem may parse the portions of programming code (e.g., the original,unstripped version) corresponding to the remaining groups of webpageelements to search for one or more keywords related to the targetsubject matter (e.g., “payment,” “pay,” “paymentmethod,” etc.). When oneor more keywords related to the target group appear in the portions ofthe programming code corresponding to a group of the webpage elements,the code analysis module 206 may determine that the group of webpageelements is related to the target subject matter. In some embodiments,the code analysis module 206 may determine that the group of webpageelements is related to the target subject matter when the one or morekeywords are found in a portion of programming code corresponding to atleast one webpage element in the group. In some embodiments however, thecode analysis module 206 may determine that the group of webpageelements is related to the target subject matter only when the one ormore keywords are found in the portions of programming codecorresponding to each and every webpage element in the group. Referringback to FIG. 5, the code analysis module 206 may search through theprogramming code of the webpage 400 and may find the keywords “payment”and “paymentmethod” in the portions of programming code corresponding tothe webpage elements 404-410, which are part of the second group ofwebpage elements. Thus, the code analysis module 206 may determine thatthe second group of webpage elements (including the webpage elements404-410) is related to the target subject matter.

In some embodiments, the code analysis module 206 may determine whethera group of webpage elements is associated with the target subject matterby submitting one or more characteristics of the programming structureassociated with the group of webpage elements to a machine learningmodel, that has been trained to determine whether a programmingstructure is associated with the target subject matter. Thecharacteristics may include at least one of: the types of tags used inthe programming structure, an order of the tags, a number of the sametype of tags used in the programming structure, how many nested levelswithin the programming structure, how tags are nested within tags forthe programming structure, etc.

After determining a group of webpage elements within the webpage that isrelated to the target subject matter, the process 300 determines (atstep 32) that the group of webpage elements related to the targetsubject matter includes a particular webpage element of interest. Forexample, the position detection manager 202 may determine whether thesecond group of webpage elements includes a link to the service providerserver 130. In some embodiments, the position detection manager 202 mayuse the code analysis module 206 to search the portions of programmingcode corresponding to the second group of webpage elements for one ormore keywords related to the service provider server 130, such as“PayPal,” “paypal.com,” etc. Referring back to FIG. 5, the code analysismodule 206 may determine that the webpage element 404 is the particularwebpage element of interest as the portion of programming code 502corresponding to the webpage element 404 includes the keyword “PAYPAL.”

In some embodiments, the position detection manager 202 may determine alocation of the appearance of the webpage element 404 and/or a relativeposition of the webpage element 406 among other related webpage elements(e.g., the webpage elements 404, 408, and 410 that are part of the samegroup) based on analyzing the programming code of the webpage 400.Different embodiments may use different techniques to determine thelocation or relative position of the webpage element 406. In someembodiments, the code analysis module 206 may determine an order inwhich the webpage elements in the group is presented on the webpage 400when the webpage is rendered by simply traversing the programming codeof the webpage 404 and determining an order in which portions of theprogramming code corresponding to the webpage elements within the codeappear in the programming code. For example, the code analysis module206 may determine, from a text file associated with the programming codefor each webpage element, a character position of a first character inthe portion of programming code corresponding to the webpage element.The code analysis module 206 may then determine the order in which thewebpage elements are presented on the webpage based on the characterpositions associated with the webpage elements.

However, some webpages may be complex and may include multiple nestedstructures (e.g., tags within tags, etc.) and/or layout rules (e.g., CSScode), which makes it difficult to ascertain the presentation layout ofa webpage by simply traversing the programming code in a linear manner(e.g., based on the order in which the portions of the programming codeappear in the programming code file). Thus, in some embodiments, thecode analysis module 206 may use the model generation module 208 togenerate a document object model (DOM) tree based on the programmingcode of the webpage 400. The code analysis module 206 may traverse theDOM tree to determine an order in which the webpage elements 404-410within the group of webpage elements. Thus, the process 300 generates(at step 325) a document object model (DOM) tree for the webpage basedon the programming code, traverses (at step 330) the DOM tree todetermine an order of webpage elements within the group of webpageelements, and determines (at step 335) a position of the particularwebpage element relative to other webpage elements in the group.

In some embodiments, the model generation module 208 may generate (e.g.,build) a document object model (DOM) tree based on the programming codeof the webpage 400. A DOM tree is a structure that corresponds to aprogramming structure (e.g., tag structure) of the webpage 400. The DOMtree may include nodes, where a node (or a group of nodes) in the DOMtree corresponds to a webpage element within the webpage (e.g., the tagsand content associated with the webpage element). For example, the rootnode (or the root group of nodes) in the DOM tree may correspond to aroot webpage element (e.g., a title) within the webpage. The DOM treemay have multiple levels of nodes, where each level corresponds to a taglevel within the programming code. Thus, when the webpage 400 has anested structure (e.g., one or more nested tags), the model generationmodule 208 may generate the DOM tree to have multiple levels, where eachnested structure is represented by a deeper level within the DOM tree.As such, the DOM tree may represent how the webpage elements (e.g.,text, images, multi-media content, user interface elements such as alink, a button, a check-box, a text box, a radio button, etc.) arepresented when the webpage is rendered by a software application (e.g.,a web browser).

In some embodiments, the code analysis module 206 may determine an orderin which the group of related webpage elements (including the webpageelements 404-410) is presented when the webpage 400 is rendered bytraversing the DOM tree. For example, the code analysis module 204 maytraverse the DOM tree in a breadth-first search manner, and the order inwhich the nodes are traversed may be used to determine the order inwhich the corresponding webpage elements are presented on the webpage400 when the webpage 400 is rendered. Thus, by determining an order inwhich the nodes (including the nodes corresponding to the group ofwebpage elements 404-410) are reached based on traversing the DOM treeusing a breath-first search algorithm, the code analysis module 206 maydetermine an order in which the related webpage elements 404-410 in thegroup are presented on the webpage 400 when the webpage 400 is rendered,and the relative position of the particular webpage element (e.g., thewebpage element 406) among the group of webpage elements.

In some embodiments, the code analysis module 206 may apply anyformatting rules (e.g., CSS rules) associated with the webpage 400 tothe webpage elements before building and/or traversing the DOM tree.Upon applying the formatting rules to the webpage elements, the positiondetection system may also determine whether each of the webpage elementsis within a viewport of the webpage 400 (e.g., is visible on the webpage400 when the webpage 400 is rendered). Thus, not only can the positiondetection module 132 determine an order of the webpage elementspresented on the webpage 400, the position detection system can alsodetermine whether the particular webpage element 406 (or the entiregroup of webpage elements 404-410) is visible to end-users (e.g., withinthe viewport of the webpage 400) when the webpage 400 is rendered. Inthe example illustrated in FIG. 4, the code analysis module 206 maydetermine that the particular webpage element (e.g., the webpage element406) is visible to an end user, and is presented at a second positionwithin the group of webpage elements 404-410, before the webpage element408 and after the webpage element 404, based on traversing the DOM tree.

Upon determining that the particular webpage element 406 is visible toend-users and determining the relative position of the particularwebpage element 406 among the group of webpage elements 404-410, theposition detection manager 202 may compare the determined position ofthe particular webpage to a predetermined position. In one example, thepredetermined position may be a position agreed upon by the merchantassociated with the merchant server (e.g., the merchant server 120, 170,or 180) from which the webpage 400 is obtained for presenting theparticular webpage element 406 on its website. In another example, thepredetermined position may be a desirable position by a service providerassociated with the service provider server 130.

If the position detection manager 202 determines that the position ofthe particular webpage element 406 on the webpage determined based onanalyzing the programming code of the webpage 400 is different (e.g.,higher or lower) than the predetermined position, the position detectionmanager 202 may transmit an alert to a device associated with theservice provider server 130. In the example illustrated in FIG. 4, thecode analysis module 206 may determine that the particular webpageelement 406 associated with the service provider server 130 is locatedat a second position among the webpage elements 404-410 (e.g., from leftto right) within the webpage 400. If the predetermined position for theparticular webpage 400 is a first position, the code analysis module 206may determine that there is an inconsistency between the actual positionand the predetermined position of the particular webpage element 404,and may send an alert to a device associated with the service providerserver 130.

In some embodiments, as discussed above, the web crawler 204 may beconfigured to crawl through a network (e.g., the Internet) to obtainwebpages associated with different entities (e.g., webpages hosted bymerchant servers 120, 170, and 180) that include the particular webpageelement (e.g., links to the service provider server 130). The positiondetection module 132 may then analyze the programming code of thewebpages to determine, for each merchant website, a relative position ofthe particular webpage element (e.g., the link to the server providerserver 130) among the group of webpage elements (e.g., a group ofpayment options) using the techniques described herein. The positiondetection module 132 may generate a report indicating which merchantwebsites present the particular webpage element at the predeterminedposition and which merchant websites present the particular webpageelement at a different position. Furthermore, the position detectionmodule 132 may also determine correlations between the relative positionof the particular webpage element and a metric associated with end-userselecting the particular webpage element (e.g., a number or frequency, aratio, or other metrics of transactions for which the end-users selectthe particular payment option for the transactions). In someembodiments, the position detection module 132 may feed the data (alongwith other data such as type of merchandises being sold at the website,a size of the merchant, etc.) into a machine learning model to determinean optimal position (e.g., the position of the webpage element thatwould produce the maximum number of selection of the particular paymentoption).

In some embodiments, the position detection module 132 is part of (orused by) a risk assessment system for the service provider server 130.In some embodiments, the particular webpage element 406 may beassociated with initiating an electronic transaction request with theservice provider server 130 (e.g., initiating an electronic paymentrequest, etc.). Thus, when an end user selects the particular webpageelement 406 (e.g., a button, a link, etc.) that appears on the webpage400 (e.g., a transaction checkout webpage), the web browser directs theend user to a website associated with the service provider server 130.And, when the interface server 134 receives a request (e.g., atransaction request) from a website (e.g., the webpage 400), the riskassessment system of the service provider server 130 may then use theposition detection module 132 to access the webpage 400 and to determinea relative position of the particular webpage element 406 among thegroup of related webpage elements that appear on the webpage 400 whenthe webpage 400 is rendered. The risk assessment system may then use thedetermined relative position to determine a risk associated with thetransaction request. For example, the risk assessment system maydetermine a higher risk for the transaction request when the determinedposition of the particular webpage element 406 is different from apredetermined position. In some embodiments, the risk assessment systemmay determine a higher risk for the transaction request when thedetermined position of the particular webpage element 406 is lower, andmay determine a lower risk for the transaction request when thedetermined position of the particular webpage element 406 is higher (orvice versa). The risk assessment system may authorize or deny thetransaction request based on the determined risk.

In addition to the position, in some embodiments, the position detectionmodule 132 may also determine other appearance characteristics of theparticular webpage element 406, such as a size of the webpage element406, a color of the webpage element 406, and other appearancecharacteristics based on analyzing the programming code (e.g., analyzingthe tags within the portion of programming code corresponding to thewebpage element 406). The position detection module 132 may also comparethe appearance characteristics of the particular webpage element 406against the appearances of the related webpage elements (e.g., thewebpage elements 404, 408, and 410) within the same group as theparticular webpage element 406. The appearance of the particular webpageelement 406 and the comparison may also be used to determine thecorrelation and/or to assess a risk of a transaction request asdiscussed herein.

FIG. 6 is a block diagram of a computer system 600 suitable forimplementing one or more embodiments of the present disclosure,including the service provider server 130, the merchant servers 120,170, and 180, and the user device 110. In various implementations, theuser device 110 may include a mobile cellular phone, personal computer(PC), laptop, wearable computing device, etc. adapted for wirelesscommunication, and each of the service provider server 130 and themerchant servers 120, 170, and 180 the may include a network computingdevice, such as a server. Thus, it should be appreciated that thedevices 110, 120, 130, 170, and 180 may be implemented as the computersystem 600 in a manner as follows.

The computer system 600 includes a bus 612 or other communicationmechanism for communicating information data, signals, and informationbetween various components of the computer system 600. The componentsinclude an input/output (I/O) component 604 that processes a user (i.e.,sender, recipient, service provider) action, such as selecting keys froma keypad/keyboard, selecting one or more buttons or links, etc., andsends a corresponding signal to the bus 612. The I/O component 604 mayalso include an output component, such as a display 602 and a cursorcontrol 608 (such as a keyboard, keypad, mouse, etc.). The display 602may be configured to present a login page for logging into a useraccount or a checkout page for purchasing an item from a merchant. Anoptional audio input/output component 606 may also be included to allowa user to use voice for inputting information by converting audiosignals. The audio I/O component 606 may allow the user to hear audio. Atransceiver or network interface 620 transmits and receives signalsbetween the computer system 600 and other devices, such as another userdevice, a merchant server, or a service provider server via network 622.In one embodiment, the transmission is wireless, although othertransmission mediums and methods may also be suitable. A processor 614,which can be a micro-controller, digital signal processor (DSP), orother processing component, processes these various signals, such as fordisplay on the computer system 600 or transmission to other devices viaa communication link 624. The processor 614 may also controltransmission of information, such as cookies or IP addresses, to otherdevices.

The components of the computer system 600 also include a system memorycomponent 610 (e.g., RAM), a static storage component 616 (e.g., ROM),and/or a disk drive 618 (e.g., a solid-state drive, a hard drive). Thecomputer system 600 performs specific operations by the processor 614and other components by executing one or more sequences of instructionscontained in the system memory component 610. For example, the processor614 can perform the position detection of webpage elements describedherein according to the process 300.

Logic may be encoded in a computer readable medium, which may refer toany medium that participates in providing instructions to the processor614 for execution. Such a medium may take many forms, including but notlimited to, non-volatile media, volatile media, and transmission media.In various implementations, non-volatile media includes optical ormagnetic disks, volatile media includes dynamic memory, such as thesystem memory component 610, and transmission media includes coaxialcables, copper wire, and fiber optics, including wires that comprise thebus 612. In one embodiment, the logic is encoded in non-transitorycomputer readable medium. In one example, transmission media may takethe form of acoustic or light waves, such as those generated duringradio wave, optical, and infrared data communications.

Some common forms of computer readable media include, for example,floppy disk, flexible disk, hard disk, magnetic tape, any other magneticmedium, CD-ROM, any other optical medium, punch cards, paper tape, anyother physical medium with patterns of holes, RAM, PROM, EPROM,FLASH-EPROM, any other memory chip or cartridge, or any other mediumfrom which a computer is adapted to read.

In various embodiments of the present disclosure, execution ofinstruction sequences to practice the present disclosure may beperformed by the computer system 600. In various other embodiments ofthe present disclosure, a plurality of computer systems 600 coupled bythe communication link 624 to the network (e.g., such as a LAN, WLAN,PTSN, and/or various other wired or wireless networks, includingtelecommunications, mobile, and cellular phone networks) may performinstruction sequences to practice the present disclosure in coordinationwith one another.

Where applicable, various embodiments provided by the present disclosuremay be implemented using hardware, software, or combinations of hardwareand software. Also, where applicable, the various hardware componentsand/or software components set forth herein may be combined intocomposite components comprising software, hardware, and/or both withoutdeparting from the spirit of the present disclosure. Where applicable,the various hardware components and/or software components set forthherein may be separated into sub-components comprising software,hardware, or both without departing from the scope of the presentdisclosure. In addition, where applicable, it is contemplated thatsoftware components may be implemented as hardware components andvice-versa.

Software in accordance with the present disclosure, such as program codeand/or data, may be stored on one or more computer readable mediums. Itis also contemplated that software identified herein may be implementedusing one or more general purpose or specific purpose computers and/orcomputer systems, networked and/or otherwise. Where applicable, theordering of various steps described herein may be changed, combined intocomposite steps, and/or separated into sub-steps to provide featuresdescribed herein.

The various features and steps described herein may be implemented assystems comprising one or more memories storing various informationdescribed herein and one or more processors coupled to the one or morememories and a network, wherein the one or more processors are operableto perform steps as described herein, as non-transitory machine-readablemedium comprising a plurality of machine-readable instructions which,when executed by one or more processors, are adapted to cause the one ormore processors to perform a method comprising steps described herein,and methods performed by one or more devices, such as a hardwareprocessor, user device, server, and other devices described herein.

What is claimed is:
 1. A system, comprising: a processor; and anon-transitory computer-readable medium having stored thereoninstructions executable by the processor to cause the system to performoperations comprising: identifying a grouping of webpage elements amonga plurality of webpage elements of a webpage, wherein the webpage isconfigured to be rendered on a user device and is configured tofacilitate, via one or more interactive elements of the plurality ofwebpage elements, a user of the user device to perform one or moreelectronic transactions via the webpage; determining that the groupingof webpage elements comprises a particular webpage element; determininga positioning of each of the grouping of webpage elements including theparticular webpage element within the webpage; and based on thedetermined positioning of each of the grouping of webpage elementsincluding the particular webpage element within the webpage, causing arisk level to be assessed for a transaction request made via thewebpage, wherein the transaction request is assessed a first risk levelbased on the particular webpage element being present at a firstparticular position within the webpage relative to one or more otherwebpage elements of the grouping of webpage elements, and wherein thetransaction request is assessed a second risk level lower than the firstrisk level based on the particular webpage element being present at asecond particular position within the webpage relative to the one ormore other webpage elements of the grouping of webpage elements.
 2. Thesystem of claim 1, wherein determining the positioning of each of thegrouping of webpage elements comprises analyzing a code structure of thewebpage.
 3. The system of claim 2, wherein the code structure of thewebpage comprises a document object model (DOM).
 4. The system of claim1, wherein the operations further comprise: causing the transactionrequest to be approved based on the risk level.
 5. The system of claim1, wherein a first one of the plurality of webpage elements correspondsto a first particular electronic transaction processing service and theparticular webpage element corresponds to a different electronictransaction processing service.
 6. The system of claim 1, wherein theoperations further comprise: prior to determining the positioning ofeach of the grouping of webpage elements including the particularwebpage element within the webpage, eliminating at least a first webpageelement from the grouping of webpage elements, wherein positioning isnot determined for the first webpage element.
 7. The system of claim 1,wherein identifying the grouping of webpage elements is based on adetermination that the grouping of webpage elements corresponds totarget content webpage subject matter.
 8. The system of claim 7, whereinthe determination that the grouping of webpage elements corresponds totarget content webpage subject matter is based on an application of amachine learning model to the grouping of webpage elements.
 9. A method,comprising: identifying, by a computer system, a grouping of webpageelements among a plurality of webpage elements of a webpage, wherein thewebpage is configured to be rendered on a user device and is configuredto facilitate, via one or more interactive elements of the plurality ofwebpage elements, a user of the user device to perform one or moreelectronic transactions via the webpage; determining, by the computersystem, that the grouping of webpage elements comprises a particularwebpage element; determining, by the computer system, a positioning ofeach of the grouping of webpage elements including the particularwebpage element within the webpage; and based on the determinedpositioning of each of the grouping of webpage elements including theparticular webpage element within the webpage, the computer systemcausing a risk level to be assessed for a transaction request made viathe webpage, wherein the transaction request is assessed a first risklevel based on the particular webpage element being present at a firstparticular position within the webpage relative to one or more otherwebpage elements of the grouping of webpage elements, and wherein thetransaction request is assessed a second risk level lower than the firstrisk level based on the particular webpage element being present at asecond particular position within the webpage relative to the one ormore other webpage elements of the grouping of webpage elements.
 10. Themethod of claim 9, wherein determining the positioning of each of thegrouping of webpage elements comprises analyzing a code structure of thewebpage.
 11. The method of claim 10, wherein the code structure of thewebpage comprises a document object model (DOM).
 12. The method of claim9, wherein the operations further comprise: causing the transactionrequest to be approved based on the risk level.
 13. The method of claim9, wherein a first one of the plurality of webpage elements correspondsto a first particular electronic transaction processing service and theparticular webpage element corresponds to a different electronictransaction processing service.
 14. The method of claim 9, wherein theoperations further comprise: prior to determining the positioning ofeach of the grouping of webpage elements including the particularwebpage element within the webpage, eliminating at least a first webpageelement from the grouping of webpage elements, wherein positioning isnot determined for the first webpage element.
 15. The method of claim 9,wherein identifying the grouping of webpage elements is based on adetermination that the grouping of webpage elements corresponds totarget content webpage subject matter.
 16. A non-transitorycomputer-readable medium having stored thereon instructions executableby a computer system to cause the computer system to perform operationscomprising: identifying a grouping of webpage elements among a pluralityof webpage elements of a webpage, wherein the webpage is configured tobe rendered on a user device and is configured to facilitate, via one ormore interactive elements of the plurality of webpage elements, a userof the user device to perform one or more electronic transactions viathe webpage; determining that the grouping of webpage elements comprisesa particular webpage element; determining a positioning of each of thegrouping of webpage elements including the particular webpage elementwithin the webpage; and based on the determined positioning of each ofthe grouping of webpage elements including the particular webpageelement within the webpage, causing a risk level to be assessed for atransaction request which can be made via one or more of the grouping ofwebpage elements of the webpage, wherein the transaction request isassessed a first risk level based on the particular webpage elementbeing present at a first particular position within the webpage relativeto one or more other webpage elements of the grouping of webpageelements, and wherein the transaction request is assessed a second risklevel lower than the first risk level based on the particular webpageelement being present at a second particular position within the webpagerelative to the one or more other webpage elements of the grouping ofwebpage elements.
 17. The non-transitory computer-readable medium ofclaim 16, wherein identifying the grouping of webpage elements comprisescrawling the webpage with a web crawler.
 18. The non-transitorycomputer-readable medium of claim 16, wherein the operations furthercomprise: receiving the transaction request from a user device;assessing the risk of the transaction request at the first risk level orthe second risk level; and based on the first risk level or the secondrisk level, approving or denying the transaction request.
 19. Thenon-transitory computer-readable medium of claim 16, wherein a first oneof the plurality of webpage elements corresponds to a first particularelectronic transaction processing service and the particular webpageelement corresponds to a different electronic transaction processingservice.
 20. The non-transitory computer-readable medium of claim 16,wherein identifying the grouping of webpage elements is based on adetermination that the grouping of webpage elements corresponds totarget content webpage subject matter.